configure HTTPS on GAX for Genesys 8.5 in redhat/centos 6

[sabsab]

hi,

I installed my Genesys 8.5 platform on Redhat/Centos6.
To secure my GAX (Genesys Administrator Extention), I want to configure it for an HTTPS connection.

I followed the documentation to generate and create my cerfiticats.

######
# My gax.properties file:
#Wed Jun 07 16:55:54 CEST 2017
keystore_password=NgqV/SGoqnI6A+Alr8moXg\=\=
backup_port=2020
port=2020
backup_host=
host=192.168.***.***
app=Genesys Administrator Server
http_port=8080
https_port=8443
keystore_path=/opt/genesys/gax/ssh/keystore
supported_protocol=https
######


When I put the option: supported_protocol = https, my GAX does not start.
###
[root@radius gax]# ./gax_startup.sh &
[1] 2962
[root@radius gax]# usage: kill [ -s signal | -p ] [ -a ] pid ...
kill -l [ signal ]
OpenJDK 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
OpenJDK 64-Bit Server VM warning: If the number of processors is expected to increase from one, then you should configure the number of parallel GC threads appropriately using -XX:ParallelGCThreads=N
2017-06-12 17:04:37.867:INFO:oejs.Server:jetty-7.x.y-SNAPSHOT
2017-06-12 17:04:40.164:INFO:oejw.StandardDescriptorProcessor:NO JSP Support for /gax, did not find org.apache.jasper.servlet.JspServlet
2017-06-12 17:04:41.346:INFO:/gax:Initializing Spring root WebApplicationContext
2017-06-12 17:04:47,278 WARN : com.genesyslab.gax.core.system.SystemArgs [main] - [41] GAX starts up with no startup command specified.
2017-06-12 17:04:54,265 WARN : com.genesyslab.gax.core.log.LogOptionReader [main] - [122] No segment logging configuration found in application object.
2017-06-12 17:04:54,271 WARN : com.genesyslab.gax.core.log.LogOptionReader [main] - [134] No expire logging configuration found in application object.
2017-06-12 17:04:54,303 WARN : com.genesyslab.gax.core.audit.AuditDatabaseBeanManager [main] - [49] Auditing data source is not configured, auditing is disabled!
2017-06-12 17:04:54,938 INFO : com.genesyslab.gax.core.audit.AuditingServiceImpl [main] - [54] Auditing is enabled.
2017-06-12 17:04:55,009 INFO : com.genesyslab.gax.core.configuration.messageserver.MessageServerAdapter [main] - [179] ------------------------------------------------------------
2017-06-12 17:04:55,010 INFO : com.genesyslab.gax.core.configuration.messageserver.MessageServerAdapter [main] - [180] GAX - MS configuration.
2017-06-12 17:04:55,024 ERROR: com.genesyslab.gax.core.configuration.messageserver.MessageServerAdapter [main] - [186] No MS server found
2017-06-12 17:04:56,422 INFO : com.genesyslab.gax.core.security.TlsConfiguration [main] - [71] ---------- Setup of TLS configuration ----------
2017-06-12 17:04:56,422 INFO : com.genesyslab.gax.core.security.TlsConfiguration [main] - [73] TLS authentication will be disabled.
2017-06-12 17:04:56,423 INFO : com.genesyslab.gax.core.security.TlsConfiguration [main] - [74] ---------------------------------------------------
2017-06-12 17:04:57,385 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [179] ------------------------------------------------------------
2017-06-12 17:04:57,386 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [180] GAX - LCA configuration.
2017-06-12 17:04:57,400 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [201] Timeout in seconds between attempts = 60
2017-06-12 17:04:57,401 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [206] Timeout for LCA = 30
2017-06-12 17:04:57,401 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [218] Maximum number of connection attempts = 1
2017-06-12 17:04:57,407 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [221] Maximum number of configured switchovers trials = unlimited
2017-06-12 17:04:57,408 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [235] Starting Warmstandby Service
2017-06-12 17:04:57,412 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [237] Warmstandby Service started.
2017-06-12 17:04:57,508 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [179] ------------------------------------------------------------
2017-06-12 17:04:57,508 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [180] GAX - SCS configuration.
2017-06-12 17:04:57,556 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [201] Timeout in seconds between attempts = 60
2017-06-12 17:04:57,556 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [218] Maximum number of connection attempts = 1
2017-06-12 17:04:57,562 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [221] Maximum number of configured switchovers trials = unlimited
2017-06-12 17:04:57,565 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [235] Starting Warmstandby Service
2017-06-12 17:04:57,568 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [237] Warmstandby Service started.
2017-06-12 17:04:57,606 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [154] Opening connection to SCS Server ...
2017-06-12 17:04:57,634 INFO : com.genesyslab.gax.core.configuration.scs.SCSConnectorChannelListener [Thread-9] - [22] Event:Channel tcp://SCS@192.168.***.***:6000 is opened.
2017-06-12 17:04:57,636 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [main] - [154] Opening connection to LCA Server ...
2017-06-12 17:04:57,674 INFO : com.genesyslab.gax.core.configuration.lca.LcaMessageHandler [com.genesyslab.PCT.invoker.default] - [14] message received: 'EventHostUnderControl' (41) attributes:
attr_scs_socket [long] = 12
attr_scs_app_name [str] = "SCS"
attr_scs_host_name [str] = ""
2017-06-12 17:04:57,674 INFO : com.genesyslab.gax.core.configuration.lca.LcaChannelListener [Thread-11] - [23] Event:Channel tcp://LCA@localhost:4999 is opened.
2017-06-12 17:04:57,680 INFO : com.genesyslab.gax.core.configuration.lca.LcaChannelListener [Thread-11] - [28] Event:updateStatus app name: Genesys Administrator Server
2017-06-12 17:04:57,680 INFO : com.genesyslab.gax.core.configuration.lca.LcaChannelListener [Thread-11] - [29] Event:updateStatus status: Running
2017-06-12 17:04:57,690 WARN : com.genesyslab.gax.core.system.SystemConfigurationImpl [main] - [157]
===========================================

GAX starts with following command line:

null
GAX (application dbid: 103)) is configured with the following options:

arm/delete_from_db_after_processing: 'false'
arm/local_announcement_folder: 'announcement'
arm/local_music_folder: 'music'
arm/local_path: '/opt/gax/arm'
arm/local_sox_path: '/usr/bin/sox'
arm/max_upload_audio_file_size: '20'
arm/target_announcement_folder: 'announcement'
arm/target_music_folder: 'music'
arm/target_path: '/mnt/arm/target'
asd/local_ip_cache_dir: './plugin.data/asd/gaxLocalCache'
asd/silent_ini_path: './plugin.data/asd/installation/genesys_silent_ini.xml'
clog/maxlogs: '5000'
clog/minlogs: '100'
com/exclude_clone: 'provisioningflag'
ga/ga_appname: 'default'
ga/ga_host: ''
ga/ga_port: '80'
ga/ga_protocol: 'http'
general/auditing: 'true'
general/client_app_name: 'default'
general/default_account_dbid: '100'
general/exclude_mmswitch: 'false'
general/inactivity_timeout: '600'
general/msgsrv_attempts: '1'
general/msgsrv_timeout: '10'
general/msgsrv_warmstandby_timeout: '60'
general/scs_attempts: '1'
general/scs_timeout: '10'
general/scs_warmstandby_timeout: '60'
general/session_timeout: '900'
log/all: ''
log/standard: 'stdout,./logs/gax.log'
log/trace: ''
log/verbose: 'standard'
opm/write_json: 'false'
security/enable_un_cookie: 'true'
security/host_whitelist: ''
security/host_whitelist_enabled: 'false'


===========================================

2017-06-12 17:04:57,921 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [179] ------------------------------------------------------------
2017-06-12 17:04:57,924 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [main] - [180] GAX - SCS configuration.
2017-06-12 17:05:00,555 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-12] - [163] Plugin gax-fim is running as a backend service
2017-06-12 17:05:00,562 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-18] - [161] Plugin gax-asd is enabled
2017-06-12 17:05:00,560 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-17] - [161] Plugin gax-com is enabled
2017-06-12 17:05:00,560 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-16] - [161] Plugin gax-ga is enabled
2017-06-12 17:05:00,560 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-15] - [161] Plugin gax-opm-arm is enabled
2017-06-12 17:05:00,557 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-14] - [161] Plugin gax-webservice is enabled
2017-06-12 17:05:00,555 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-13] - [161] Plugin gax-clog is enabled
2017-06-12 17:05:00,575 INFO : com.genesyslab.gax.core.plugin.DefaultPluginManagerImpl [Thread-19] - [161] Plugin gax-core is enabled
2017-06-12 17:05:00.603:INFO:oejsh.ContextHandler:started o.e.j.w.WebAppContext{/gax,file:/opt/genesys/gax/webapp/},file:/opt/genesys/gax/gax.war
2017-06-12 17:05:00,736 INFO : com.genesyslab.gax.core.util.CoreDatabaseInspectorImpl [Thread-19] - [89] ---------- core Database Schema Version ----------
2017-06-12 17:05:00,736 INFO : com.genesyslab.gax.core.util.CoreDatabaseInspectorImpl [Thread-19] - [90] 8.1.301.01
2017-06-12 17:05:00,736 INFO : com.genesyslab.gax.core.util.CoreDatabaseInspectorImpl [Thread-19] - [91] -------------------------------------------------
2017-06-12 17:05:00,736 INFO : com.genesyslab.gax.core.util.CoreDatabaseInspectorImpl [Thread-19] - [41] Db Schema Version for plugin gax-core 8.1.301.01 is matching.
2017-06-12 17:05:00,736 INFO : com.genesyslab.gax.core.util.CoreDatabaseInspectorImpl [Thread-19] - [43] ------------------------------------------------------------------------
2017-06-12 17:05:00,737 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-18] - [89] ---------- asd Database Schema Version ----------
2017-06-12 17:05:00,737 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-18] - [90] 8.5.000.01
2017-06-12 17:05:00,737 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-18] - [91] -------------------------------------------------
2017-06-12 17:05:00,737 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-18] - [41] Db Schema Version for plugin gax-asd 8.5.000.01 is matching.
2017-06-12 17:05:00,737 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-18] - [43] ------------------------------------------------------------------------
2017-06-12 17:05:00,741 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-15] - [89] ---------- opm-arm Database Schema Version ----------
2017-06-12 17:05:00,741 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-15] - [90] 8.1.301.01
2017-06-12 17:05:00,741 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-15] - [91] -------------------------------------------------
2017-06-12 17:05:00,741 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-15] - [41] Db Schema Version for plugin gax-opm-arm 8.1.301.01 is matching.
2017-06-12 17:05:00,741 INFO : com.genesyslab.gax.api.database.DefaultDatabaseInspectorImpl [Thread-15] - [43] ------------------------------------------------------------------------
2017-06-12 17:05:00.765:INFO:/gax:Initializing Spring FrameworkServlet 'dispatcher'
[ Envjs/1.6 (Rhino; U; Linux amd64 2.6.32-696.1.1.el6.x86_64; en-US; rv:1.7.0.rc2) Resig/20070309 PilotFish/1.2.13 ]
2017-06-12 17:05:05,838 INFO : com.genesyslab.gax.asd.main.ASDPlugin [Thread-18] - [83] SPD setup: loaded default scripts
2017-06-12 17:05:05,842 ERROR: com.genesyslab.gax.asd.main.ASDPlugin [Thread-18] - [170] File not exist: ./plugin.data/asd/installation/genesys_silent_ini.xml
2017-06-12 17:05:05,846 ERROR: com.genesyslab.gax.asd.main.ASDPlugin [Thread-18] - [173] Use /opt/genesys/gax/plugin.data/asd/installation/genesys_silent_ini.xml
2017-06-12 17:05:06,424 INFO : com.genesyslab.gax.asd.main.ASDPlugin [Thread-18] - [102] ASD initialized
2017-06-12 17:05:07.100:INFO:oejs.NCSARequestLog:Opened /opt/genesys/gax/logs/http-2017_06_12.log
2017-06-12 17:05:07.136:INFO:oejs.AbstractConnector:Started SelectChannelConnector@0.0.0.0:8080
2017-06-12 17:05:07.137:WARN:oejuc.AbstractLifeCycle:FAILED SslContextFactory@5924ea91(/opt/genesys/gax/ssh/keystore,/opt/genesys/gax/ssh/keystore): java.io.IOException: Keystore was tampered with, or password was incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
Caused by:
java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
2017-06-12 17:05:07.139:WARN:oejuc.AbstractLifeCycle:FAILED SslSelectChannelConnector@0.0.0.0:8443: java.io.IOException: Keystore was tampered with, or password was incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
Caused by:
java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
2017-06-12 17:05:07.141:WARN:oejuc.AbstractLifeCycle:FAILED org.eclipse.jetty.server.Server@7bc239db: java.io.IOException: Keystore was tampered with, or password was incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
Caused by:
java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55)
at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:292)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at GaxMain.runGAX(GaxMain.java:134)
at GaxMain.main(GaxMain.java:77)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
... 15 more
2017-06-12 17:05:07,154 INFO : com.genesyslab.gax.core.configuration.scs.SolutionControlServerAdapter [Thread-8] - [166] closing connection to Server
2017-06-12 17:05:07,162 INFO : com.genesyslab.gax.core.configuration.lca.LcaAdapter [Thread-10] - [166] closing connection to Server

###

i think that i have a problem with my TLS configuration !

when i try de configure an Auto-detect port in my confserv ( configuration server application) , I lose access to my genesys administrator And the only solution is that I have to retrieve my last snapshot of my virtual machine.


Can you help me ?
Thank you very much

[cavagnaro]

Problem seems to be your key cert


[font=Verdana][size=2px]Keystore was tampered with, or password was incorrect[/size][/font]

[sabsab]

the problm was the Java Path. i added Add Java path to env again and delete cookie.
Next i renamed gax.properties to gax.properties.tmp , once restarted it will create a new gax.properties with keystore_password
and finally i continue the configuration in the support normally

And evreything works well
thanks anyways

[mcruli]

FAILED SslContextFactory@5924ea91(/opt/genesys/gax/ssh/keystore,/opt/genesys/gax/ssh/keystore): java.io.IOException: Keystore was tampered with, or password

Test this cert in other machine, and double check the password.

================================================
Prueba este certificado en otra maquina, doble check el password.

[BerliN]

Hello,

I have the same case.
When I put the option: "supported_protocol = https" or "supported_protocol = both", GAX application does not start.
Different from the above case, interestingly, My GAX app is not logging.

Is there any other configuration to enable and use "https" as a supported_protocol on gax.properties file?

Thanks,

[Kubig]

[quote]Hello,

I have the same case.
When I put the option: "supported_protocol = https" or "supported_protocol = both", GAX application does not start.
Different from the above case, interestingly, My GAX app is not logging.

Is there any other configuration to enable and use "https" as a supported_protocol on gax.properties file?

Thanks,[/quote]

No, those options are working as expected - HTTPS is fully supported by GAX. If you are not running on latest GAX version, I recommend to do an upgrade.

[BerliN]

Thanks Kubig,

My issue was related to the keystore path. It is working now.

[keisim]

Be careful when uncommenting the last line (ssl debug) in GAX latest version setenv.sh file on Linux. It has an unnecessary percent sign (%) after the JAVA_OPTS variable name. This is both in the documentation examples and in the installation files. When you uncomment the first two lines in this file to start TLS, this percent sign will be added to the keystore password string.
This causes the same errors as mentioned above.